CYB-201
Introduction to cyber security and strategy.
Mr. Achor Shedrach Sunday
Cybersecurity Incident Perpetrators: Methods and Motives
Methods of Cybersecurity Incident Perpetrators:
Cybersecurity incident perpetrators, often referred to as cybercriminals or attackers, use a variety of methods to compromise systems, steal information, or disrupt operations. Some common attack methods include:
Phishing: Attackers impersonate trusted entities (like companies, government agencies, or colleagues) to trick individuals into revealing sensitive information like usernames, passwords, or financial details.
Malware: Malicious software (e.g., viruses, worms, Trojans) is used to infect a system and perform actions like stealing data, encrypting files for ransom, or causing system disruptions.
Denial of Service (DoS) / Distributed Denial of Service (DDoS): Attackers overload a network or server with traffic, causing it to crash or become unavailable.
SQL Injection: Attackers exploit vulnerabilities in web applications that interact with databases to inject malicious SQL code, gaining unauthorized access to sensitive data.
Man-in-the-Middle (MitM) Attacks: In this attack, the perpetrator intercepts communications between two parties, potentially gaining access to confidential information or altering the communication.
Credential Stuffing: Attackers use stolen username-password combinations (often obtained from a previous breach) to gain access to other services where users may have reused the same credentials.
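As an added illustration of the SQL injection method listed above (example code written for these notes, not from the lecture): a constructed in-memory SQLite table stands in for a web application's database, one lookup pastes user input straight into the query text, and the parameterized form shows the fix. The table, usernames and hash strings are assumptions.

```python
# Added example (not from the lecture): SQL injection in a username lookup,
# with the parameterized query that closes the hole. Sample data is constructed.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample database: one users table with two rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-of-alice-pw", "admin"), ("bob", "hash-of-bob-pw", "user")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """The defect: input is interpolated into the SQL text, so a quote
    character in the input changes the query's structure instead of
    being treated as data."""
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """The fix: a bound parameter is always a value, never SQL, whatever
    characters it contains."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    tautology = "x' OR '1'='1"  # the textbook input: makes the WHERE clause always true
    print(lookup_vulnerable(db, "bob"))           # only bob's row
    print(lookup_vulnerable(db, tautology))       # every row, admin included
    print(lookup_parameterized(db, tautology))    # [] : no user literally named that
```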
Motives of Cybersecurity Incident Perpetrators
Cybercriminals and other perpetrators may have various motives behind their attacks:
Financial Gain: This is the most common motive. Attackers may steal credit card information, deploy ransomware, or conduct fraud for monetary profit.
Espionage: Nation-state actors or corporations may conduct cyberattacks to steal intellectual property, sensitive government information, or trade secrets.
Hacktivism: Some attackers are motivated by political or social reasons. They may target organizations or governments to make a statement or protest certain actions (e.g., DDoS attacks to bring down government websites).
Personal Vendettas: Disgruntled employees, competitors, or individuals with personal grievances may attack a company's or individual's systems.
Fun or Challenge: Some attackers, particularly "script kiddies" or hobbyist hackers, may launch attacks simply for fun, to prove their abilities, or to gain recognition in certain hacker communities.
Countermeasures Employed by Organizations and Agencies to Prevent and Detect Cybersecurity Incidents
Organizations and cybersecurity agencies adopt a variety of preventive and detective measures to safeguard their networks, systems, and data.
Preventive Countermeasures:
These aim to stop attacks before they can infiltrate systems: Firewalls, Antivirus and Anti-Malware Software, Encryption, Strong Authentication Mechanisms, Patching and Updates, Access Control Policies, etc.
Detective Countermeasures:
These measures help organizations identify potential cybersecurity incidents when they occur: Intrusion Detection Systems (IDS), Endpoint Detection and Response (EDR), Network Traffic Analysis, Vulnerability Scanning, etc.
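An added example (not from the lecture) of what a detective countermeasure actually does: the credential stuffing method from the methods list leaves a recognisable trace in authentication logs, and this script, run over constructed sample log lines, flags a source address that tries many distinct usernames in a short window and mostly fails. The log format, thresholds and IP addresses are assumptions.

```python
# Added example (not part of the lecture): flag credential-stuffing patterns
# in authentication logs. Log format, thresholds and addresses are assumptions.
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample log: "<ISO timestamp> <source IP> <username> <FAIL|SUCCESS>"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice FAIL
2024-05-01T10:00:02 203.0.113.7 bob FAIL
2024-05-01T10:00:03 203.0.113.7 carol FAIL
2024-05-01T10:00:04 203.0.113.7 dave FAIL
2024-05-01T10:00:05 203.0.113.7 erin SUCCESS
2024-05-01T10:00:06 203.0.113.7 frank FAIL
2024-05-01T10:05:00 198.51.100.4 alice FAIL
2024-05-01T10:05:30 198.51.100.4 alice FAIL
2024-05-01T10:06:00 198.51.100.4 alice SUCCESS
"""

def parse_log(text):
    # Return (timestamp, ip, user, result) tuples, oldest first.
    events = []
    for line in text.splitlines():
        ts, ip, user, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, result))
    return sorted(events)

def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_users=5, min_fail_ratio=0.6):
    # Alert on a source IP that tries many DISTINCT usernames inside one window,
    # mostly failing. One user mistyping a password never matches (one username);
    # a stuffing run (many usernames, one source) does.
    by_ip = defaultdict(list)
    for ts, ip, user, result in events:
        by_ip[ip].append((ts, user, result))
    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):  # sliding window over this IP's events
            while evs[end][0] - evs[start][0] > window:
                start += 1
            span = evs[start:end + 1]
            users = {u for _, u, _ in span}
            fails = sum(1 for _, _, r in span if r == "FAIL")
            if len(users) >= min_users and fails / len(span) >= min_fail_ratio:
                alerts[ip] = {"distinct_users": len(users), "attempts": len(span),
                              # successes from a flagged source: accounts to review
                              "successful_logins": sorted(
                                  u for _, u, r in span if r == "SUCCESS")}
    return alerts

print(detect_credential_stuffing(parse_log(SAMPLE_LOG)))
```

The second source, a single user retrying one account, stays below the distinct-username threshold and is not flagged, which is the distinction a rate limit on failures alone would miss.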
Ethical Obligation of a Security Professional
Security professionals hold a critical role in protecting information systems, networks, and data. Their ethical obligations include:
Confidentiality: Maintaining the privacy and integrity of sensitive information.
Integrity: Ensuring systems and data are accurate and unaltered, providing reliable services.
Accountability: Taking responsibility for security measures and the consequences of breaches.
Protection of Public Interest: Balancing security measures with the rights of individuals and society, ensuring that protections don't unfairly limit personal freedoms.
Non-malfeasance: Ensuring actions taken in cybersecurity do not cause harm to others, including unintended consequences of countermeasures.
Cybersecurity and National Security in the Context of Cyber Attacks
Cybersecurity is a growing concern that directly intersects with national security. As cyber-attacks increase in sophistication and frequency, the implications for national security become even more significant.
Cyber threats can be used by hostile actors to undermine government operations, compromise sensitive data, and disrupt critical infrastructure.
Key Cyber-Attack Typologies
Advanced Persistent Threats (APT): These are prolonged, targeted attacks by well-funded and highly skilled adversaries. They often aim to gain long-term access to a system for espionage or sabotage.
Denial of Service (DoS) / Distributed Denial of Service (DDoS): Attacks that overwhelm a system, causing disruption of services and significant damage to both government and private sector operations.
Ransomware: Cyber criminals encrypt data and demand a ransom for its release, with increasing occurrences in both the private and public sectors.
Data Breaches: Cyber actors steal or expose sensitive data for financial gain, espionage, or disruption.
Supply Chain Attacks: Compromising a target through vulnerabilities in third-party suppliers or contractors.
Required Policy Tools and Domestic Response:
Legislation and Regulation: Governments need to create policies that protect critical infrastructure, regulate the flow of sensitive information, and enforce penalties for cybercriminal activities (e.g., GDPR).
Collaboration between Public and Private Sectors: Cybersecurity is not just a government issue but also involves private enterprises. Cooperation between sectors to share threat intelligence and develop robust cybersecurity frameworks is essential.
Incident Response and Recovery Plans: Nations must have comprehensive cyber incident response frameworks and recovery strategies to quickly deal with and mitigate the impact of cyber-attacks.
Cybersecurity Workforce Development: Ensuring there is a skilled workforce prepared to defend against evolving cyber threats is crucial for national security.
Cyber Defense and Deterrence: Cyber defense strategies must be in place to detect, respond to, and recover from attacks. Deterrence strategies may also be employed, signaling to adversaries that cyber-attacks will not go unpunished.
Cybersecurity Requirements and Strategies in the Face of Big Risks
The increasing risks from sophisticated cyber-attacks demand a multi-layered cybersecurity strategy, focusing on both proactive and reactive measures.
Key Requirements
Continuous Monitoring: Implementing real-time threat monitoring and detection systems to identify potential vulnerabilities before they are exploited.
Data Encryption and Protection: Encrypting sensitive data both in transit and at rest to minimize the damage if a breach occurs.
Access Control and Authentication: Tightening access control policies and employing strong, multifactor authentication methods.
Incident Response Readiness: Having predefined incident response plans that can be activated in case of a breach, ensuring rapid recovery and damage containment.
Strategies to Manage Big Risks
Zero Trust Architecture (ZTA): Adopting a zero-trust security model that assumes no one, inside or outside the organization, can be trusted by default. This requires constant verification of identity and authorization for access to systems.
Risk Management Framework: Implementing a risk management framework that allows organizations to identify, assess, and mitigate risks related to cybersecurity.
Cyber Resilience: Building systems that are not only secure but also resilient to attacks. This includes ensuring that backup systems and recovery processes are in place to ensure business continuity in the event of a cyber-attack.
Education and Awareness: Continuous education for employees and the public on safe cyber practices. Phishing, social engineering, and human error are often weak points in security.
Public-Private Partnerships: Promoting information-sharing between government entities, private businesses, and international organizations to enhance cybersecurity intelligence and collective defense efforts.
Thank You